这几个文件,是要结合前面的master安装脚本的。

所以有的json文件中会出现一些LOCAL_HOSTS_L,THIS_HOST之类的变量。

如果手工单独使用这些文件,要将这些变量替换为合适的IP或域名。

切记切记。

apiserver.json

{
    "CN": "kube-apiserver",
    "hosts": [
    	"kubernetes",
    	"kubernetes.default",
    	"kubernetes.default.svc",
    	"kubernetes.default.svc.cluster.local",
    	"10.96.0.1",
    	"LOCAL_HOST_L",
      "THIS_HOST"
    ],
    "key": {
        "algo": "rsa",
        "size": 2048
    }
}

ha-apiserver.json

{
    "CN": "kube-apiserver",
    "hosts": [
      "kubernetes",
      "kubernetes.default",
      "kubernetes.default.svc",
      "kubernetes.default.svc.cluster.local",
      "10.96.0.1",
      "LOCAL_HOST_L",
      "Domain_name",
      "HOST_1",
      "HOST_2",
      "HOST_3"
    ],
    "key": {
        "algo": "rsa",
        "size": 2048
    }
}

 

apiserver-kubelet-client.json

{
    "CN": "kube-apiserver-kubelet-client",
    "key": {
        "algo": "rsa",
        "size": 2048
    },
    "names": [
		{
	    "O": "system:masters"
		}
    ]
}

etcd-server.json

{
    "CN": "etcdServer",
    "hosts": [
        "127.0.0.1",
        "localhost",
        "LOCAL_HOST_L",
        "THIS_HOST"
    ],
    "key": {
        "algo": "rsa",
        "size": 2048
    },
    "names": [
        {
            "O": "etcd",
            "OU": "etcd Security",
            "C": "CN",
            "L": "ShangHai",
            "ST": "ShangHai"
        }
    ]
}

ha-etcd-server.json

{
    "CN": "etcdServer",
    "hosts": [
        "127.0.0.1",
        "localhost",
        "LOCAL_HOST_L",
        "Domain_name",
        "HOST_1",
        "HOST_2",
        "HOST_3"
    ],
    "key": {
        "algo": "rsa",
        "size": 2048
    },
    "names": [
        {
            "O": "etcd",
            "OU": "etcd Security",
            "C": "CN",
            "L": "ShangHai",
            "ST": "ShangHai"
        }
    ]
}

 

etcd-peer.json

{
    "CN": "etcdPeer",
    "hosts": [
    "127.0.0.1",
    "localhost",
    "LOCAL_HOST_L",
    "Domain_name",
    "HOST_1",
    "HOST_2",
    "HOST_3"
    ],
    "key": {
        "algo": "rsa",
        "size": 2048
    },
    "names": [
        {
        "O": "etcd",
        "OU": "etcd Security",
            "C": "CN",
            "L": "ShangHai",
            "ST": "ShangHai"
        }
    ]
}

ha-etcd-peer.json

{
    "CN": "etcdPeer",
    "hosts": [
    "127.0.0.1",
    "localhost",
    "LOCAL_HOST_L",
    "Domain_name",
    "HOST_1",
    "HOST_2",
    "HOST_3"
    ],
    "key": {
        "algo": "rsa",
        "size": 2048
    },
    "names": [
        {
        "O": "etcd",
        "OU": "etcd Security",
            "C": "CN",
            "L": "ShangHai",
            "ST": "ShangHai"
        }
    ]
}

 

etcd-client.json

{
    "CN": "etcdClient",
    "key": {
        "algo": "rsa",
        "size": 2048
    },
    "names": [
        {
        "O": "etcd",
        "OU": "etcd Security",
            "C": "CN",
            "L": "ShangHai",
            "ST": "ShangHai"
        }
    ]
}

front-proxy-client.json

{
    "CN": "front-proxy-client",
    "key": {
        "algo": "rsa",
        "size": 2048
    }
}

 

转载于:https://www.cnblogs.com/aguncn/p/10904725.html

# json
Logo
K8S/Kubernetes

K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容

更多推荐

【深度】阿里巴巴万级规模 K8s 集群全局高可用体系之美

作者 |  韩堂、柘远、沉醉来源 | 阿里巴巴云原生公众号​前言台湾作家林清玄在接受记者采访的时候,如此评价自己 30 多年写作生涯:“第一个十年我才华横溢,‘贼光闪现’,令周边黯然失色;第二个十年,我终于‘宝光现形’,不再去抢风头,反而与身边的美丽相得益彰;进入第三个十年,繁华落尽见真醇,我进入了‘醇光初现’的阶段,真正体味到了境界之美”。​长夜有穷,真水无香。领略过了 K8s“身在江

avatar K8S/Kubernetes

如何基于 K8s 构建下一代 DevOps 平台?

作者 | 孙健波(天元)导读:当前云原生 DevOps 体系现状如何?面临哪些挑战?如何通过 OAM 解决云原生 DevOps 场景下的诸多问题?云原生开发应用模型 OAM(Open Application Model) 社区核心成员孙健波将为大家一一解答,并分享如何基于 OAM 和 Kubernetes 打造无限能力的下一代 DevOps 平台。什么是 DevOps?为什么基于 Kub

avatar K8S/Kubernetes

k8s 火了!

2020,上云之年,产品云端化成为一种趋势。在一线城市,很多公司都已经构建了自己的私有云环境,比如阿里云、网易云、华为云等。而Kubernetes 作为基于容器编排领域的王者,具备扩展...

avatar K8S/Kubernetes